<?php
require_once("../inc/conn.php");
session_start();
$level=$_POST["level"];
$name=$_POST["uname"];
$pass=$_POST["upass"];
$code=$_POST["code"];
$code1=$_POST["code1"];



//判断验证码
if($code==$code1){
	
   //分类别进行验证
	if($level==1){
		//链接数据库
		//通过sql验证用户名密码
		$sql="select * from userinfo where name='".$name."' and pass='".$pass."'";	


		$rs=$conn->query($sql);
		$total=$rs->num_rows;
		//判断
		//
		//echo $total;

		if($total>0){
			//继续处理 存储用户名
			$_SESSION["admin"]=$name;
			$_SESSION["level"]=$level;
			echo "<script>window.alert('成功登录！！'); location.href='main.php';</script>";

		}else{
			echo "<script>window.alert('用户名或密码有误！！'); location.href='login.php';</script>";
		}
	}
	
	if($level==0){
		//链接数据库
		//通过sql验证用户名密码
		$sql="select * from admin where name='".$name."' and pass='".$pass."'";	
		$rs=$conn->query($sql);
		$total=$rs->num_rows; //统计数量
		$row=$rs->fetch_assoc();
		//判断
		if($total>0){
			//继续处理 存储用户名
			$_SESSION["admin"]=$name;
			$_SESSION["level"]=$level;
			//管理员的级别
			$_SESSION["adminlevel"]=$row["level"];
			echo "<script>window.alert('成功登录！！'); location.href='main.php';</script>";

		}else{
			echo "<script>window.alert('用户名或密码有误！！'); location.href='login.php';</script>";
		}
	}
	
}else{
	echo "<script>window.alert('验证码不相符！！'); location.href='login.php';</script>";
}

?>